Title: iCOPS: insider attack detection in distributed file systems

Authors: Riddhi Solani; Manik Lal Das

Addresses: DA-IICT Gandhinagar – 382007, India ' DA-IICT Gandhinagar – 382007, India

Abstract: Distributed file system (DFS) has been widely used in many applications. Insider attacks in DFS is a potential target that can cause problems in many applications. A malicious insider or an outsider who controls an insider could compromise application's security by exploiting the target file(s) in the system. In this paper, a scheme, named as iCOPS, is proposed to detect insider attacks in DFSs. The proposed iCOPS scheme consists of two algorithms - Process Profiling and Attack Detection. The Process Profiling runs on datanode and replica nodes that provide output to namenode, whereas, the Attack Detection runs on the namenode to detect an attack that might have triggered by the Process Profiling algorithm. The analysis and experimental results of the proposed iCOPS show notable observations in detection of data alteration by insider attacks.

Keywords: insider attacks; system security; distributed systems; HDFS; data modification; process profiling.

DOI: 10.1504/IJSCCPS.2021.10041256

International Journal of Social Computing and Cyber-Physical Systems, 2021 Vol.2 No.3, pp.244 - 255

Received: 27 Nov 2020
Accepted: 28 May 2021

Published online: 05 Oct 2021 *

Full-text access for editors Access for subscribers Purchase this article Comment on this article